CVE-2024-39393

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 14, 2024

Updated: Aug 19, 2024

CWE ID 125

Summary

CVE-2024-39393 is a newly disclosed out-of-bounds read vulnerability affecting Adobe InDesign Desktop versions ID19.4, ID18.5.2, and older. This issue arises when InDesign fails to properly manage memory while processing crafted files, resulting in the application reading data beyond the designated bounds. An attacker can capitalize on this vulnerability by crafting a malicious file and tricking a user into opening it. Successful exploitation allows the attacker to execute code in the context of the current user.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe Indesign CS
Adobe InDesign

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/wovnCX
https://www.cve.org/CVERecord?id=CVE-2024-39393
https://nvd.nist.gov/vuln/detail/CVE-2024-39393

Back to Vulnerability Database